An unnamed Eastern Europe company became a victim of that continent's largest-ever distributed denial-of-service attack, says Akamai. The report comes in a season with a record-breaking volume of DDoS attacks, fueled greatly by geopolitical events led by Russia's invasion of Ukraine.
The era of pandemic-induced telework is also the era of higher reliance on mobile devices for sensitive workplace information - meaning we're likewise living in the age of fretful chief information security officers, a new survey concludes. "Companies are still struggling" to secure mobile devices.
Hackers are turning to cryptojacking to make easy money despite the fall in cryptocurrency valuation, including ransomware cybercriminals attracted by the lower-stakes world of cryptojacking, says threat intelligence firm SonicWall. The financial industry has seen a surge in cryptojacking attacks.
A scan of Russian servers led researchers to follow a trail of digital breadcrumbs to find a server with "smoking gun" evidence of connection to MedusaLocker ransomware. The malware has especially affected the healthcare industry. Attack surface risk firm Censys detailed its findings in a report.
Cyberattacks aren't just an annoyance but have real-world effects. Case in point: ransomware attacks on Colonial Pipeline and on food processor JBS. IBM Security's Chris McCurdy discusses these developments and security scenarios emerging from the cyber-physical fusion.
The government of Puerto Rico announced an investment of $7.6 million toward strengthening cybersecurity on the island. The island has undergone a string a embarrassing cybersecurity incidents, including a phishing incident that stole $2.6 million of taxpayer dollars.
Lockdown Mode will be available to all users who update to the latest versions of Apple operating systems this fall. This "extreme" protection will stop spyware infections through restrictions that render message attachments inaccessible, webpages slower to load and FaceTime calls harder to make.
FBI Director Christopher Wray and MI5 Director General Ken McCallum put business and academic leaders on alert over Chinese government-led intellectual property theft, telling an audience in London to think twice about doing business with Beijing.
The U.S. Department of Defense continues to experiment with bug bounties to draw in vulnerability reports from outside white hat hackers. It kicked off a new test program for continuous rewards on America's Independence Day by setting aside a pool of $110,000.
Microsoft has not yet released patches for two zero-days, Follina and DogWalk, that both exploit vulnerabilities in the Microsoft Windows Support Diagnostic Tool. But the company has released a workaround for Follina, and micropatching service 0Patch has offered a temporary fix for DogWalk.
The 15th edition of the annual Verizon Data Breach Investigations Report examines the rapid growth in ransomware, along with other threat vectors. Chris Novak, global director of the Threat Research Advisory Center at Verizon Business Group, discusses key findings and reviews the security landscape.
"All communications" in the Ukrainian city of Kherson has been hit, the State Service of Special Communications and Information Protection of Ukraine said on Tuesday. Internet, landline and mobile phone service providers have detected disruptions and subsequent shutdowns of their services.
Ransomware has grown 13% year on year in 2022, a jump greater than the past five years combined, a Verizon Business 2022 Data Breach Investigations Report published on Tuesday shows. It says financial gain continues to be the primary motive for attacks, followed by espionage.
Google will offer customers access to the same technology it uses to lock down developer workflows to ensure open-source dependencies are addressed. Assured Open Source Software will allow clients to ensure third-party software they're using is scanned, analyzed and fuzz-tested for vulnerabilities.
The Linux Foundation and the Open Source Security Foundation have put forth a nearly $150 million investment plan, spread across two years, to strengthen open-source security in the U.S. The plan was announced at the Open Source Software Security Summit II in Washington, D.C., on Thursday.